But Labor thinks the advice falls short of recognising the actual problem.
The federal government has provided advice on how to counter ransomware in Australia, encouraging the use of multifactor authentication and urging businesses to keep software up to date, archive data and back-up, build in security features to systems, and train employees on good cyber hygiene. The advice was provided in Locked Out: Tackling Australia’s ransomware threat, which is a 14-page document [PDF] prepared by the Cyber Security Industry Advisory Committee. It’s touted by the Department of Home Affairs as « [building] awareness for all Australians and their businesses on the current ransomware threat landscape ». « Ransomware attacks today present a major threat to Australian organisations, » the paper declared. « In 2020, cyber criminals conducted successful attacks on major Australian organisations at a volume never before experienced. » The paper presents case studies on attacks, such as the one experienced by Toll last year, in addition to advice on how to protect against ransomware attacks. « Early detection of a ransomware attack is paramount to minimising impact, » it says. It also says many of the most impactful ransomware attacks could have been avoided with foundational cybersecurity controls and good cybersecurity hygiene. « For small businesses, which make up 93% of employing businesses in Australia and provide employment for nearly 45% of Australia’s workforce, the challenge is different, » it continued. « They don’t have chief security officers, an IT team.
